Is it possible to enable/disable cipher suites depending on the user agent (like BrowserMatch)? I need a single old/weak cipher suite only for an old client application and I have tried some RewriteRules to forbid access to the server with the old cipher suite and not matching user agents. But I need enabled stronger and weaker cipher suites and protocols on vhost level to allow access. So I get an "F" on https://www.ssllabs.com/ssltest . Can I increase the rating (the insecure/weak cipher suite should not be visible for general user agents on the initial handshake).